Class | UserController |
In: |
app/controllers/user_controller.rb
|
Parent: | ApplicationController |
ユーザーを制御する。
TOKEN_FOR_SINGLE_SIGN_ON | = | :X0034343_A34343_B34343 | layout ‘user‘ |
自動ログインを行う。
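# File app/controllers/user_controller.rb, line 15
# Performs automatic login for a recipient of a queued mail.
#
# Reads params[:id] (a MailQueue id) and params[:u] (a user login). Redirects
# to "/" when the session already belongs to that login, or when the queue's
# product has mail_skip_auth? set and skip_authentication succeeds; otherwise
# renders the login form pre-filled with the login.
#
# Raises MailQueueNotFound when the queue does not exist, and
# RecipientNotFound when the login is blank, unknown, or not one of the
# queue's recipients.
#
# NOTE(review): the only inputs are a record id and a login name, and neither
# is a secret. With mail_skip_auth? enabled this path appears to establish a
# session without any credential -- confirm what skip_authentication verifies,
# and consider carrying a random, expiring per-recipient token in the mailed
# link instead.
def auto
  begin
    queue = MailQueue.find(params[:id])
  rescue ActiveRecord::RecordNotFound
    raise MailQueueNotFound, "no such mail queue"
  end

  user_login = params[:u]
  user = user_login.blank? ? nil : User.find_by_login(user_login)
  # One error for blank, unknown and non-recipient logins, so the response
  # does not tell the caller which of the three checks failed.
  unless user && queue.recipients.include?(user.person)
    raise RecipientNotFound, "no such recipient"
  end

  session[:fragment] = fragment_for(:product => queue.product, :document => queue.document)
  session[:return_to] = "/" # default

  if session[:user_id] # already login
    current = User.find_by_id(session[:user_id])
    # find_by_id returns nil when the session points at a user that no longer
    # exists; treat that like a mismatch instead of failing on nil.login.
    if current && current.login == user_login
      redirect_to session[:return_to]
      session[:return_to] = nil
      return
    else
      logout(false) # user mismatch
    end
  end

  if queue.product.mail_skip_auth? && skip_authentication(user_login)
    redirect_to session[:return_to]
    session[:return_to] = nil
    return
  end

  @user = User.new(:login => user_login)
  render :action => "login"
end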
パスワードを変更する。
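# File app/controllers/user_controller.rb, line 131
# Changes the password of @user.
#
# Returns early when generate_filled_in reports that it already handled the
# request. Otherwise applies params['user']['password'] and its confirmation,
# saves with save!, redirects to menu/index, and then sends a notification
# mail. On failure the error is reported and the current template is
# re-rendered with a flash message.
#
# NOTE(review): @user is not assigned here -- presumably generate_filled_in or
# a filter sets it; confirm that step also checks the caller's identity (the
# current password or a valid reset key) before this method runs.
def change_password
  return if generate_filled_in

  params['user'].delete('form')
  begin
    @user.change_password(params['user']['password'], params['user']['password_confirmation'])
    @user.save!
  rescue StandardError => ex
    # StandardError rather than Exception, so signals and exit requests are
    # not swallowed by a failed save.
    report_exception ex
    flash.now['message'] = s_("flash|message|Your password could not be changed at this time. Please retry.")
    # Explicit return: "render and return" falls through to the redirect
    # below whenever render returns a falsy value.
    render
    return
  end

  # succeeded to change
  redirect_to :controller => "menu", :action => "index"
  begin
    # NOTE(review): the new password is handed to the mailer in clear text.
    # If the mail body includes it, the credential ends up in mailboxes and
    # mail logs; prefer a notification that does not contain the password.
    UserNotify.deliver_change_password(@user, params['user']['password'])
  rescue Exception => ex
    # Best effort: the password is already changed, so a failed notification
    # must not fail the request. Left broad on purpose; on old Ruby versions
    # mail timeouts are not StandardError -- narrow once the runtime is known.
    report_exception ex
  end
end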
ユーザーを削除する。
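# File app/controllers/user_controller.rb, line 215
# Deletes the current user's account.
#
# The account is not removed from the database: the user's `deleted`
# attribute is set to true and the user is then logged out. The target is
# @current_user, falling back to the user named by session[:user_id]. On
# failure a flash message is set and the request is redirected back.
#
# NOTE(review): this is a state-changing action; confirm the routes and
# filters restrict it to non-GET requests with request-forgery protection.
def delete
  @user = @current_user || User.find_by_id(session[:user_id])
  begin
    # If neither lookup produced a user, this raises on nil and is handled
    # by the rescue below.
    @user.update_attribute(:deleted, true)
    logout
  rescue StandardError => ex
    # flash, not flash.now: the response is a redirect, and flash.now entries
    # are dropped before the next request, so the message was never shown.
    # NOTE(review): the raw exception text is displayed to the end user and
    # can expose internals; consider a generic message plus server-side log.
    flash['message'] = s_("flash|message|Error: %{ex}.") % {:ex => ex}
    redirect_back_or_default
  end
end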
ユーザー情報の変更を行う。
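# File app/controllers/user_controller.rb, line 188
# Updates the user's account information.
#
# Returns early when generate_filled_in reports that it already handled the
# request. Otherwise params['user']['form'] selects the operation:
#   "edit"            - assign the permitted fields to @user and save
#   "change_password" - delegate to change_password
#   "delete"          - delegate to delete
# Any other value raises, and the error is logged by the rescue below.
def edit
  return if generate_filled_in

  if params['user']['form']
    form = params['user'].delete('form')
    begin
      case form
      when "edit"
        # Allowlist against mass assignment: only keys named in
        # User::CHANGEABLE_FIELDS reach @user.attributes.
        user_params = params['user'].delete_if { |k, _v| !User::CHANGEABLE_FIELDS.include?(k) }
        @user.attributes = user_params
        # Announce success only when the record was saved; the result of
        # save was ignored before, so a rejected update still reported
        # "User has been updated."
        if @user.save
          flash.now['notice'] = s_("flash|notice|User has been updated.")
        end
      when "change_password"
        change_password
      when "delete"
        delete
      else
        raise "unknown edit action"
      end
    rescue StandardError => ex
      # StandardError rather than Exception, so signals and exit requests
      # are not swallowed here.
      logger.warn ex
      logger.warn ex.backtrace
    end
  end
end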
パスワードを忘れた場合の処理を行う。
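# File app/controllers/user_controller.rb, line 152
# Handles a forgotten-password request.
#
# An authenticated user is redirected to change_password. Otherwise, once
# generate_blank_form has not already handled the request, the login in
# params['user']['login'] is looked up, a security token is generated for
# that user, and a link to change_password carrying the user id and token is
# mailed through UserNotify.
#
# NOTE(review): the "could not find a user" message differs from the success
# message, so the form reveals whether a login exists. Consider returning the
# same response in both cases.
# NOTE(review): the reset key travels in the query string, where it can end
# up in server logs and Referer headers; confirm that the key expires and is
# single-use.
def forgot_password
  if authenticated_user?
    flash['message'] = s_("flash|message|You are currently logged in. You may change your password now.")
    redirect_to :action => 'change_password'
    return
  end

  return if generate_blank_form

  login = params['user']['login']
  # blank? also covers a missing (nil) or whitespace-only login, which
  # empty? does not.
  if login.blank?
    flash.now['message'] = s_("flash|message|Please enter a valid login name.")
  elsif (user = User.find_by_login(login)).nil?
    # The login is echoed back HTML-escaped.
    flash.now['message'] = s_("flash|message|We could not find a user with the login %{login}") % {:login => CGI.escapeHTML(login)}
  else
    begin
      # Only the token and the mail are inside the transaction. The redirect
      # used to run (and return) inside the block, so a late failure could
      # roll the token back after the mail had already been sent.
      User.transaction do
        key = user.generate_security_token
        url = url_for(:action => 'change_password')
        # Escape the key so characters outside the URL-safe set cannot break
        # the query string.
        url += "?user[id]=#{user.id}&key=#{CGI.escape(key.to_s)}"
        UserNotify.deliver_forgot_password(user, url)
      end
      flash['notice'] = s_("flash|notice|Instructions on resetting your password have been emailed to %{login}.") % {:login => CGI.escapeHTML(login)}
      if authenticated_user?
        redirect_back_or_default
      else
        redirect_to :action => 'login'
      end
    rescue Exception => ex
      # Left broad because mail delivery is inside the guarded region; on old
      # Ruby versions mail timeouts are not StandardError -- narrow once the
      # runtime is known.
      report_exception ex
      flash.now['message'] = s_("flash|message|Your password could not be emailed to %{login}") % {:login => CGI.escapeHTML(login)}
    end
  end
end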
ログイン認証を行う。
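# File app/controllers/user_controller.rb, line 46
# Authenticates a user and starts a login session.
#
# Order of handling:
#   1. A non-blank params[TOKEN_FOR_SINGLE_SIGN_ON] is passed straight to
#      skip_authentication and its result is returned.
#   2. A non-blank params[:fragment] is stored in the session; XHR requests
#      stop there with a dummy page update.
#   3. Unless generate_blank_form already handled the request, the submitted
#      login and password are checked with User.authenticate.
# A successful login that is not locked out resets the session, records a
# login history entry and redirects. An expired password redirects to
# change_password instead. Every other outcome records a failed login and
# falls through to render the form again.
#
# NOTE(review): in step 1 the request parameter *name* is the only gate, and
# that name is a constant in the source rather than a secret. The parameter's
# value is the sole argument to skip_authentication; if that helper treats it
# as a login name, any client that knows the name can sign in as any user.
# Confirm what skip_authentication verifies, and prefer a signed, expiring
# assertion from the SSO provider.
# NOTE(review): params[:fragment] is stored unvalidated; check it where it is
# consumed, especially if it ever feeds a redirect target.
def login
  unless params[TOKEN_FOR_SINGLE_SIGN_ON].blank?
    return skip_authentication(params[TOKEN_FOR_SINGLE_SIGN_ON])
  end

  session[:fragment] = params[:fragment] unless params[:fragment].blank?

  if request.xhr?
    render :update do |page|
      page.insert_html :before, "view_main", "\n<!-- fragment saved -->\n" # dummy
    end
    return
  end

  return if generate_blank_form

  # Tolerate a submission without a "user" hash instead of failing on nil.
  credentials = params["user"] || {}
  user = User.authenticate(credentials["login"], credentials["password"], true)
  # NOTE(review): on failure the raw submitted hash is mass-assigned to an
  # unsaved User only to re-fill the form; passing just the login is safer.
  @user = user || User.new(credentials)

  if user && !user.lockout?
    # The session is reset before any login state is written, so a session
    # id issued before authentication is not carried into the logged-in
    # session.
    reset_session
    @current_user = Thread.current[:user] = user
    init_login_session(user)
    if user.password_expire?
      create_login_history(user, LoginHistory::RESULT_PASSWORD_EXPIRED)
      reset_session_all
      redirect_to :action => "change_password"
      return
    end
    flash["notice"] = s_("flash|notice|Login succeeded")
    create_login_history(user, LoginHistory::RESULT_LOGIN_SUCCEEDED)
    redirect_back_or_default
    return
  end

  # Bad credentials and locked-out accounts get the same message, so the
  # response does not reveal which of the two applied.
  @login = credentials["login"]
  # flash.now: this path renders the form in the same request, and a plain
  # flash entry would show up again on the following request.
  flash.now['message'] = s_("flash|message|Login failed")
  create_login_history(user, LoginHistory::RESULT_LOGIN_FAILED)
end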